Install your Internal Probe (Autobahn engine)

This user manual will instruct you on how to install your internal probe to run internal scans through Autobahn Fit

Table of content

Request the internal probe

Whitelisting IPs and Domains to install and operate the probe

Installing the internal probe

Logging Autobahn worker data

Testing the probe

Create your scan on Autobahn Fit

Request the internal probe

To enable the internal scan, you need to have the zip file of the internal probe ready to be installed in your system. You can get this file through your customer support. Contact our customer support for further assistance.

Whitelist IPs and Domains to install and operate the probe

The Docker host needs to be able to reach these IP addresses to provide direct (secured) connections to Autobahn Fit. Check this page to see the list of IPs to be whitelisted.

  Install the internal probe

The Autobahn Fit worker is deployed via a Docker image.

Specifications:
The server hosting the docker should have at least 4 CPU cores, 8 GB RAM, 100GB HDD, and internet access.

You can install a pre-configured image through the Autobahn Docker registry with these steps:

 1 - You need to have docker installed on your system as Autobahn is deployed via a docker image. On Ubuntu, this command installs docker:

$ sudo apt install docker.io

Ensure your user account has permission to run this command. More information: Docker: Accelerated, Containerized Application Development.

Docker installation steps may differ depending on the installed operating system. Please refer to Docker's official site for an installation tutorial based on the operating system (Reference: Install Docker Engine ). After Docker installation, please follow the post-install step as described in Linux post-installation steps for Docker Engine.

 

2 - Next, ensure that your user account can start Docker containers by running these commands:

$ sudo groupadd docker
$ sudo usermod -aG docker ${USER}

At this point, you need to log out and log in again for the group change to be effective

$ docker ps

3 - Execute the following command to extract the configuration and installation files, and to install the Autobahn Docker image.

$ unzip probe_name.zip

Replace probe_name with the name of the zip file that was given to you. This should be the name of the probe label.

$ cd autobahn_worker

4 - Then you will need to run the Autobahn worker. This worker needs to run when starting an internal scan, otherwise the scan would not start. Run the worker using the following command.

$ ./autobahn_probe.sh run

5 - The prompt will notify you that the worker is running. You can only start internal scans by running the worker (given all steps below have been completed).

6 - After your internal scan has finished, you can stop the Autobahn worker that is running using the following command.

$ ./autobahn_probe.sh stop

Other useful commands

Upgrade to the latest Autobahn Worker version

$ ./autobahn_probe.sh run

Uninstall the Autobahn Worker from Docker:

 $ ./autobahn_probe.sh uninstall

Perform a network test to check whether a specific domain / subnet is reachable from the server:

 $ ./autobahn_probe.sh network-test

For more information on each script, run them with

./autobahn_probe.sh help

Log the Autobahn Worker data

By default, the Autobahn Worker container will send log data to the Autobahn server for diagnostic, debugging, and troubleshooting purposes. If you do not want these logs sent, please run the command:

$ ./autobahn_probe.sh disable-log-exports

To enable sending logs, run this command:

$ ./autobahn_probe.sh enable-log-exports

In case further logs data is required for troubleshooting, the command below will collect necessary logs and information from Autobahn Worker and compress it to a single file:

 $ ./autobahn_probe.sh collect-logs

The compressed file will be created in the same directory as the script.

Test the probe

If you are unsure whether your assets have been whitelisted for an internal scan, you can check using the following command in your command prompt.

1./autobahn_probe.sh network-test [target] [optional: ports] [optional: extra params]

where:

  • target is the asset that would like to be scanned

  • ports is the specified asset port to be scanned (if any)

  • extra params are for any other parameters that would like to be added (if any)

Target can either be a domain, an IP address, or a subnet. If no ports are specified, ports 22, 80, and 443 will be scanned.

Once you have run this command, refer to the script output to check whether selected IPs have been whitelisted or not.

Examples

 ./autobahn_probe.sh network-test '192.168.0.0/24'

Commands the system to do network tests to specific subnet and default ports (22, 80, 443)

./autobahn_probe.sh network-test '192.168.0.0/24' '22,80,443,3307'

Commands the system to do network tests to specific subnets and specific ports

./autobahn_probe.sh network-test '192.168.0.0/24' '22,80,443,3307' '-6'

Commands the system to do network tests to specific subnets, and specific ports, and pass extra args to Nmap.

Create your internal scan

The internal probe has been successfully installed. You can now start internal scans by logging in to your account and starting a scan.